<?php
/**
 * 《我的密码》实现类
 *
 * @author 孙晓晔
 * @version $Id: Work.class.php 1035 2010-03-26 05:24:59Z sunxy $
 */
require_once(dirname(__FILE__) . '/../emp/Password.class.php');

class PasswordMy extends Password {

	function __construct() {
		$request['update'] = '$Date: 2009/02/16 07:36:07 $';
		$request['revision'] = '$Revision: 1.1 $';

		parent::__construct($request);
	}

	function pretreat($controller) {
		parent::pretreat($controller);
	}
	
	function layout($controller, $request) {		
		$result = array();
		while (list($k, $v) = each($this->type)) {
			if ($k == '-') {
				continue;
			}
			
			$row['type'] = $k;
			$row['type_t'] = $v;
			$result[] = $row;
		}
		
		$controller->assign_by_ref('result', $result);
		
		$controller->display($request, 'emp/password/my/layout');
		return true;
	}	
	
	function edit($controller, $request) {		

		$controller->display($request, 'emp/password/my/edit');
		return true;
	}

	/**
	 *
	 *
	 * @param Controller $controller
	 * @param array $request
	 */
	function editPost($controller, $request) {
		$emp = $_SESSION['id'];

		$type = $request['type'];
		$p1 = $request['p1'];
		$p2 = $request['p2'];

		if ($type == '1') {
			return $this->_system($p1, $p2);
		}
		
		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE emp = '%s' AND type = '%s'";
		$sql = sprintf($fmt, $this->tbl, $emp, $type);
		debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			if ($this->_password($row['password'], $p1)) {
				$ret['status'] = 2;
				echo json_encode($ret);
				return true;
			}
			
			$fmt = "UPDATE %s SET password = '%s', modifytime = now() WHERE emp = '%s' AND type = '%s'";
			$sql = sprintf($fmt, $this->tbl, $p2, $emp, $type);
			debug($sql);
			$db->query($sql);
		} else {
			$fmt = "INSERT INTO %s(emp, type, password, createtime, modifytime) VALUES('%s', '%s', '%s', now(), now())";
			$sql = sprintf($fmt, $this->tbl, $emp, $type, $p2);
			$db->query($sql);
			debug($sql);
		}

		$ret['status'] = 1;
		echo json_encode($ret);
		return true;
	}
	
	function _vpopmail($p1, $p2) {
		
	}
	
	function _system($p1, $p2) {
		$emp = $_SESSION['id'];
		
		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE id = '%s'";
		$sql = sprintf($fmt, Constant::tbl_emp, $emp);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			if ($this->_password($row['password'], $p1)) {
				$ret['status'] = 2;
				echo json_encode($ret);
				return true;
			}
		}

		$fmt = "UPDATE %s SET password = '%s', modifytime = now() WHERE id = '%s'";
		$sql = sprintf($fmt, Constant::tbl_emp, $p2, $emp);
		// debug($sql);
		$db->query($sql);

		$this->_update($emp, '1', $p2);
		
		$ret['status'] = 1;
		echo json_encode($ret);
		return true;
	}
	
	function _update($emp, $type, $p2) {
		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE emp = '%s' AND type = '%s'";
		$sql = sprintf($fmt, $this->tbl, $emp, $type);
		debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {			
			$fmt = "UPDATE %s SET password = '%s', modifytime = now() WHERE emp = '%s' AND type = '%s'";
			$sql = sprintf($fmt, $this->tbl, $p2, $emp, $type);
			debug($sql);
			$db->query($sql);
		} else {
			$fmt = "INSERT INTO %s(emp, type, password, createtime, modifytime) VALUES('%s', '%s', '%s', now(), now())";
			$sql = sprintf($fmt, $this->tbl, $emp, $type, $p2);
			$db->query($sql);
			debug($sql);
		}
	}
	
	function _password($password, $input) {
		$s = trim($input);
		if (strlen($s) == 0) {
			return true;
		}

		if ($password == $input) {
			return false;
		}

		if ($password == md5($input)) {
			return false;
		}

		return true;
	}
	
	function view($controller, $request) {
		$this->pretreat($controller);

		$id = $request['id'];

		clean($this->tbl . "_id_" . $id);
		$row = $this->_view($id);
		
		if ($_SESSION['id'] == $row['emp']) {
			$controller->assign_by_ref('result', $row);
		}

		$controller->display($request, 'finance/salary/view');
		return true;
	}
	
	function password($controller, $request) {
		$data = array('status'=>'2');
		
		echo json_encode($data);
	}
}
?>